diff --git a/docs/setup-robusta/additional-settings.rst b/docs/setup-robusta/additional-settings.rst index b70e6256a..10e0dce41 100644 --- a/docs/setup-robusta/additional-settings.rst +++ b/docs/setup-robusta/additional-settings.rst @@ -144,65 +144,61 @@ To **enable** interactivity, set the following in your `generated_values.yaml` f Censoring Logs ---------------- -Pod logs gathered by Robusta can be censored using regexes. For example, a payment processing pod might have credit card numbers in its log. These can be sanitized in-cluster. +Pod logs gathered by Robusta can be censored using `Python regular expressions `_. For example, a payment processing pod might have credit card numbers or other sensitive information in its logs. These can be automatically sanitized before they appear in notifications. -This feature applies to the following Robusta actions: +**How to Enable Log Censoring for All Logs** -- :code:`logs_enricher` -- :code:`report_crash_loop` +To censor sensitive information in all logs, add the following to your Helm values file: -To censor logs, define a `python regex `_ for expressions you wish to filter. +.. code-block:: yaml -For example: + globalConfig: + regex_replacement_style: SAME_LENGTH_ASTERISKS # Alternative: NAMED + regex_replacer_patterns: + - name: CreditCard + regex: "[0-9]{4}[- ][0-9]{4}[- ][0-9]{4}[- ][0-9]{4}" + - name: Email + regex: "[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}" + - name: UUID + regex: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" -.. code-block:: yaml +After adding these values, perform a Helm upgrade: + +.. code-block:: bash - - logs_enricher: - regex_replacement_style: SAME_LENGTH_ASTERISKS # You can also use NAMED - regex_replacer_patterns: - - name: MySecretPort - regex: "my secret port \\d+" - - name: UUID - regex: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" + helm upgrade robusta robusta/robusta -f values.yaml -Given the following input: +**Example: Before and After Censoring** + +Given the following pod log: .. code-block:: - # Input (actual pod log): + # Original pod log: 2022-07-28 08:24:45.283 INFO user's uuid: '193836d9-9cce-4df9-a454-c2edcf2e80e5' - 2022-07-28 08:35:00.762 INFO Successfully loaded some critical module - 2022-07-28 08:35:01.090 INFO using my secret port 114, ip: ['172.18.0.3'] + 2022-07-28 08:35:00.762 INFO Customer email: user@example.com + 2022-07-28 08:35:01.090 INFO Payment processed with card: 4111-1111-1111-1111 -The censored output will be: +The censored output will appear as: .. code-block:: - # Output for SAME_LENGTH_ASTERISKS (How it will appear in Slack, for example): - + # Using SAME_LENGTH_ASTERISKS style: 2022-07-28 08:24:45.283 INFO user's uuid: '************************************' - 2022-07-28 08:35:00.762 INFO Successfully loaded some critical module - 2022-07-28 08:35:01.090 INFO using ******************, ip: ['172.18.0.3'] - - # Output for NAMED (How it will appear in Slack, for example): + 2022-07-28 08:35:00.762 INFO Customer email: **************** + 2022-07-28 08:35:01.090 INFO Payment processed with card: ******************* + # Using NAMED style: 2022-07-28 08:24:45.283 INFO user's uuid: '[UUID]' - 2022-07-28 08:35:00.762 INFO Successfully loaded some critical module - 2022-07-28 08:35:01.090 INFO using [MySecretPort], ip: ['172.18.0.3'] - -It is best to define this in a :ref:`Global Config`, so it will be applied everywhere. + 2022-07-28 08:35:00.762 INFO Customer email: [Email] + 2022-07-28 08:35:01.090 INFO Payment processed with card: [CreditCard] -.. code-block:: yaml +**Note:** This censoring applies to logs displayed in Robusta's built-in notifications, including those shown by the following Robusta actions: - globalConfig: # Note: no need to specify logs_enricher or report_crash_loop by name here. - regex_replacement_style: SAME_LENGTH_ASTERISKS - regex_replacer_patterns: - - name: MySecretPort - regex: "my secret port \\d+" - - name: UUID - regex: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" +- :code:`logs_enricher` - Shows container logs in various alerts +- :code:`report_crash_loop` - Shows container logs for crashing pods -Place these values inside Robusta's Helm values and perform a :ref:`Helm Upgrade `. +For specific actions, you can also override these settings in your playbook definitions if needed. Memory allocation on big clusters